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What’s Risk Management 


An organized, systematic decision making process that 
efficiently identifies, analyzes, plans, tracks, controls, 
communicates and documents risk. 


Risk management is performed continuously. 

Helps to prevent “unacceptable risk” due to... 

* Lack of planning for what could go wrong 

- Departure from established systems engineering and 
management processes 

* Not following design and verification rules 

• Lack of engineering curiosity when a result is unexpected 

• Not asking independent experts for confirmation and advice 
4 Lack of communication up and down the chain 



Why Risk Management 


NASA Policy Directive (NPD) 1000.5 (2009) states: “It is NASA policy to incorporate in 
the overall Agency risk management strategy a risk- informed acquisition process that 
includes the identification, analysis, and management of programmatic, infrastructure, 
technical, environmental, safety, cost, schedule, management, industry, and external 
policy risks that might jeopardize the success with which the Agency executes its 
acquisition strategies. ” 

NPR 8000.4A (2009), Agency Risk Management Procedural Requirements, evolves 
NASA’s risk management approach to entail two complementary processes: 

— Ris k-in formed Decision Making (RIDM) 

To risk-inform direction-setting decisions (e.g., space architecture decisions) 

To risk-inform the development of credible performance requirements as part 
of the overall systems engineering process 

Co ntinuous Risk Management (CRM) 

To manage risk associated with the implementation of baseline performance 
requirements 




Motivating Factors for doing RM 

9 To manage risk in a holistic and coherent manner across the 

Agency 

- Agency strategic goals explicitly drive RM activities at all levels 

- All risk types and their interactions are considered collectively 
during decision-making 

- Implementation of RM in the context of complex institutional 
relationships (programs, projects, centers, contractors, ...) 

* To better match the stakeholder expectations and the “true” 
resources required to address the risks to achieve those 
expectations 

* To better establish close ties between the selected alternatives 
and the requirements derived from it. 
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Risk-related NASA Documents 


• 2002 - issuance of PRA Procedures Guide 

• 2004 - issuance of NPR 8705 “Probabilistic Risk Assessment (PRA) Procedures for 
Safety and Mission Success for NASA Programs and Projects” 

• 2006 - Issuance of NPR 7123.1 “Systems Engineering Processes...” 

• 2006 - Revision of NPR 871 5. 3A “NASA General Safety Program Requirements,” 
Rewrite of System Safety Requirements (Chapter 2) 

• 2007 - Revision of NPR 7120. 5D “Space Flight Project Management Processes...” 

• 2007 - Reissue of NASA/SP-2007-6105 “NASA Systems Engineering Handbook” 

• 2008 - Reissue of NPR 8705.2B “Human-Rating Requirements for Space Systems” 

• 2009 - issuance of NPD-1 000.5 “Policy for NASA Acquisition” 

• 2009 - Revision of NPR 8O00.4A “Agency Risk Management Requirements” 

• 2009 - Issuance of NASA/SP-2009-569, “Bayesian Inference for NASA 
Probabilistic Risk and Reliability Analysis” 

• 2010 - issuance of NASA/SP-201 0-576 “NASA Risk-informed Decision Making 
Handbook” 


Emerging themes : 

ntegrated perspective of risk analysis 
Scenario-based modeling of risk 
Better treatment of uncertainties 
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Risk Management 


at GSFC 


* Agency Level Requirements per NPR 8000.4A 

* Center Level Requirements per GPR 7120.4 

* Directorate Level Requirements such as 

* Flight Program/Project level Risk Management Plan 

* Institutional Project Risk Management Plan 

* Procedures and Guidelines by Office of the Management 
Operations Directorate (200-PG-8000.0.1) 

* Threat, Lien and Encumbrance Policy to determine the 
potential cost impact associated with risks (Programs and 


Risk Escalation Process at GSFC 





Risk owners shall perform due diligence to understand the risk and escalation process. 
Reasons for escalation may include: 

Additional resources are needed to mitigate the risk. 

Direction is needed from the next level of management. 

External integration is required (e g. suppliers, other 
programs/projects/centers). 

The risk has cross-cutting significance. 

The following levels are defined to support the Center’s escalation process: 

Top Center Risk (TCR) - Requires Center management resources or direction 
Top Directorate Risk (TDR) - Requires Directorate Management direction. 

Top Organizational Risk (TOR) - Requires Division Management direction and/or 





Lessons Learned 







Columbia Accident Investigation Report ( 



“There is great risk in placing human 
beings atop a machine that stores 



and then burns millions of pounds of 
dangerous propellants. Equally risky 
is having humans then ride the 
machine back to Earth while it 
dissipates the orbital speed by 
converting the energy into heat, 
much like a meteor entering Earth's 
atmosphere. No alternatives to this 
pathway to space are available or 
even on the horizon, so we must set 


Common Themes of Mishap Reports 


* Risk Management/ Assessment 

* Testing, Simulation, Verification & Validation 

* Independent Review 

* Communications 

* Health Monitoring During Critical Operation 

* Safety/Quality Culture 

* Resources/Staffing 


Where Are The Risks? 


Most risks are below the surface. 


Knowns 

We understand our risks & options. 


Someone understands our risks 


Beyond our current knowledge 
but knowable if we work at it 


Not knowable with today’s 
knowledge, therefore we make 
blind decisions 



Once Risks have been identified, much is still below the surface. You 

need to know your degree of exposure! 



Reasons for Success (4R Model) 


Resoonsib 








•Design 

•Manufacturing 

•Inspection 

•Test 

•Software 

•Operations 

•Contingencies 


GEMs Graphite Epoxy Motors 
MECO Main Engino Cut-off 
SECO Second Stage Engine Cut-off 


management & Mission Success 





What is Risk (per NPR 8000.4) 

: ;y4y::sa% 


The expression of the potential for performance shortfalls, 
which may be realized in the future, with respect to achieving 
explicitly established and stated performance requirements. 

The performance shortfalls may be related to any one or more 
of the following mission execution domains: 

Safety 

Technical performance 
Cost 

Schedule 


Acceptable Risk 


Acceptable risk is a result of a knowledge-based review and decision 
processa 


Management and stakeholders must participate in the risk 
acceptance process 

Effective communication is essential to the mutual understanding 

of risk 


Assessment and communication of acceptable risk must be a 
continuing process 



Unacceptable Risk 


Lack of planning for what could go wrong 

Departure from established systems engineering and 
management processes 

Not following design and verification rules 

Lack of engineering curiosity when a result is unexpected 

Not asking independent experts for confirmation and 

advice 

Lack of communication up and down the chain 


Writing A Good Risk Statement 



Condition - a single, factual, phrase briefly describing the current key circumstances, 
situations, etc., is based in reality and have no uncertainty attached. 

Consequence - a single phrase or sentence that describes the key, negative 
outcome of the current condition. 


Risk Statement - a descriptive statement of a clear condition, that is concise, 
followed by a single consequence and will be understood by a majority of 
program/project stakeholders. 
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Building Consistency into a Risk Statement 


s Consider these questions when writing a risk statement: 
Is it ciear and concise? 

Wii! most project members understand it? 
is there a clear condition? 

Is the consequence clear? 

Is there only ONE condition followed by ONE 
consequence? 

v Consistency builds Credibility 


What Makes Up a 


be a Fact or perceived to be Fact 
be Reality Based 



CONDITION 






. v s* 


CONSEQUENCE 


will occur. 


Must have a Negative impact to the Condition 

Must focus on the long term impact of the risk to the 
Program/Project 


risk statement must be ACTIONABLE and have ONE condition and ONE consequence per 

statement 
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GSFC Risk Matrix Standard Scale 


Likelihood 

Safety 

{Estimated likelihood of 
safety event occurrence) 

Technical 

{Estimated likelihood of not 
meeting performance 
requirements) 

Cost/Schedule 

(Estimated likelihood of not meeting 
cost or schedule commitment) 

5 Very High 

(P SE > 10- 1 ) 

(P T > 50%) 

{P cs > 75%) 

EHESil 

(10- 2 < P SE < 10- 1 ) 

{25% < P T < 50%) 

{50% < P cs < 75%) 

3 Moderate 

{10 3 < P SE < 10-2) 

{15% < P T < 25%) 

(25% < P cs < 50%) 

2 Low 

(10- 6 < P SE < 10- 3 ) 

(2% < P T < 15%) 

(10% < P cs < 25%) 

1 Very Low 

(Pse*10- 6 ) 

(0.1% <P T < 2%) 

(Pcs S10%) 


L 

i 

k 5 


12 3 4 5 

Consequence ' 



Consequence Categories 

Risk 

1 Very Low 

2 Low 

3 Moderate 

4 High 

5 Very High 

Safety 

Negligible or No 
impact 

Could cause the need 
for only minor first aid 
treatment . 

May cause minor 
injury or occupational 
illness or minor 
property damage. 

May cause severe injury 
or occupational illness or 
major property damage. 

May cause death or 
permanently disabling 
injury or destruction of 
property. 

Technical 

No impact to full 
mission success 
criteria 

Minor impact to full 
mission success 
criteria 

Moderate impact to 
full mission success 
criteria. Minimum 
mission success 
criteria is achievable 
with margin 

Major impact to full 
mission success criteria. 
Minimum mission 
success criteria is 
achievable 

Minimum mission 
success criteria is not 
achievable 

Schedule 

Negligible or no 
schedule impact 

Minor impact to 
schedule milestones; 
accommodates within 
reserves; no impact to 
critical path 

Impact to schedule 
milestones; 
accommodates within 
reserves; moderate 
impact to critical path 

Major impact to schedule 
milestones; major impact 
to critical path 

Cannot meet schedule 
and program milestones 

Cost 

<2% increase over 
allocated and 
negligible impact on 
reserve 

Between 2% and 5% 
increase over 
allocated and can 
handle with reserve 

Between 5% and 7% 
increase over 
allocated and can not 
handle with reserve 

Between 7% and 10% 
increase over allocated, 
and/or exceeds proper 
reserves 

>10% increase over 
allocated, and/or can't 
handle with reserves 




HIGH RISK. 


MODERATE RISK 


LOW RISK 


Code 300 
Rev. 021307 

























Sample Risk Matrix 



Criticality 


txCTrend 

AoDroach 

- ' Hrgft 


Decreasing (Improving) 

M - Mitigate 


IT 

Increasing (Worsening) 

W - Watch 

Med 


Ly 

Unchanged 

A - Accept 


Example -Program Top Risk Report 


Risks are identified and trended from the previous review to the current 


New Since Last Period 


R - Research 


review 




























When Do You Start Risk Management? 


Project Phases 


Flight Project Life 
Cycle Phases 



Pre- Phase A 
Concept Studies 


Phase A 

Concept Studies 


Phase B 

Preliminary Design 


Phase C 
Final Design 


Phase D 
Fabrication, 
Assembly & Test 


Phase E 
Operations & 
Sustainment 


Phase F 
Disposal 


Traditional 
(Water Fall 
Development) 


Evolutionary Acquisition 

(Incremental 

Development) 


Announcement of 
Opportunity (AO) 
Projects 








As Soon As Possible! - NPR 7120.5 
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Risk Management and the Life Cycle 

• •••• •••• ■ v : - : X 


Risk management is done throughout project life cycle 

Performing risk management during the early phases has a high payoff 
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SRR PDR CDR Launch 


No. of 

Alternatives / 
Fixes Available 

wh m mm mam 

Cost to 
Change / Fix 


System 
Life Cycle 
Phases 






Risk Management & Your Role 


Managing Risks is a part of your job 
ft is a management expectation. 


Jentify and manage Risks NOT Problems 

However mitigating/eliminating risks may create new 


A single problem may have multiple risks. 
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Familiar Conversations... 




*ve carefully thought out all the angles, 
have done it a thousand times, 
t comes naturally to me. 

know what I’m doing, its what I’ve been trained to do 



No beavers (castor canadensis) were injured while making these slides. 
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Think Again! 
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Summary _ 

Everyone is involved in managing risks. 

Implement RM early in the program life cycle. 

Risks have been and always will be with us. 

Documentation and communication are essential parts of 
managing risk. 

NASA’s Risk Management (CRM + RIDM) process starts with 
identifying risks, understanding risks, mitigation strategies, 
decisions and managing the uncertainties around those 
decisions. 


RM is a structured process that ensures consistency and 
increases credibility to include planning, tracking & controlling 

risks. 


Most risks are below the surface, yet there are always indicators. 
A good risk statement should be clear, concise and actionable. 


